RT AI TOOLKIT

Section 3/5: Vendor Risk Issues

Your organisation may be engaging vendors when licensing off-the-shelf AI Systems from them. This section does not apply when your organisation engages developers to jointly develop bespoke AI Systems. The complexities and legal risks arising from such collaborative arrangements would be much higher.

1. Are your organisation’s contracts with vendors comprehensive in covering the ownership and rights over the data input into the AI Systems?

 
 
 
 
 

2. Are your organisation’s contracts with vendors comprehensive in covering the following issues regarding the data input into the AI Systems?

a) Contractual liability; and

b) Data protection/privacy?

 
 
 
 
 

3. Are your organisation’s contracts with vendors comprehensive in covering ownership and rights over the output generated by the AI Systems?

 
 
 
 
 

4. Are your organisation’s contracts with vendors comprehensive in covering the following issues regarding the output generated by the AI Systems?

a) Contractual liability; and

b) Data protection/privacy?

 
 
 
 
 

5. Is the acceptable use policy to which the organisation is subject aligned with the organisation’s business requirements?

 
 
 
 
 

6. Are your organisation’s contracts with vendors comprehensive in covering the cyber security posture of the AI Systems?

 
 
 
 
 

7. Are your organisation’s contracts with vendors comprehensive in covering issues relating to inclusivity and biases in the use of AI Systems?

 
 
 
 
 

8. Are your organisation’s contracts with vendors comprehensive in covering issues relating to human rights in the use of AI Systems?

 
 
 
 
 

9. Are your organisation’s contracts with vendors comprehensive in covering issues relating to the environmental impact of your AI Systems?

 
 
 
 
 

Question 1 of 9